longhorns11

Everything posted by longhorns11

  1. Done! Thank you very much for the help. I'm waiting on a Paypal transfer, but I will definitely make a small donation for the help. I really appreciate it!
  2. My computer seems to be loading faster and I'm not having redirect problems with google search results. Also, my audio is working again (I think it was malfunctioning due to the Win32 error). For some reason, ComboFix thinks McAfee is still running even though I uninstalled it from my computer a few days ago. ComboFix Log:
  3. Done. Is there anything else I should do? New TDSS Log:
C:\WINDOWS\system32\drivers\Sfloppy.sys 2011/02/10 08:27:58.0593 2132 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2011/02/10 08:27:58.0765 2132 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\WINDOWS\System32\Drivers\sptd.sys 2011/02/10 08:27:58.0921 2132 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 2011/02/10 08:27:58.0968 2132 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys 2011/02/10 08:27:59.0046 2132 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 2011/02/10 08:27:59.0125 2132 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2011/02/10 08:27:59.0156 2132 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2011/02/10 08:27:59.0312 2132 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2011/02/10 08:27:59.0375 2132 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2011/02/10 08:27:59.0406 2132 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2011/02/10 08:27:59.0453 2132 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2011/02/10 08:27:59.0484 2132 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2011/02/10 08:27:59.0562 2132 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2011/02/10 08:27:59.0593 2132 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2011/02/10 08:27:59.0656 2132 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2011/02/10 08:27:59.0703 2132 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2011/02/10 08:27:59.0734 2132 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2011/02/10 08:27:59.0765 2132 usbohci (0daecce65366ea32b162f85f07c6753b) 
C:\WINDOWS\system32\DRIVERS\usbohci.sys 2011/02/10 08:27:59.0828 2132 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2011/02/10 08:27:59.0859 2132 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2011/02/10 08:27:59.0906 2132 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys 2011/02/10 08:27:59.0921 2132 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2011/02/10 08:27:59.0968 2132 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 2011/02/10 08:28:00.0140 2132 vpnva (2fa9fb828d29fed55efc800e267be09d) C:\WINDOWS\system32\DRIVERS\vpnva.sys 2011/02/10 08:28:00.0234 2132 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2011/02/10 08:28:00.0343 2132 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2011/02/10 08:28:00.0421 2132 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 2011/02/10 08:28:00.0484 2132 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 2011/02/10 08:28:00.0640 2132 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2011/02/10 08:28:00.0687 2132 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2011/02/10 08:28:00.0765 2132 {95808DC4-FA4A-4C74-92FE-5B863F82066B} (74ec37b9eaf9fca015b933a526825c7a) C:\Program Files\CyberLink\PowerDVD\000.fcl 2011/02/10 08:28:00.0890 2132 ================================================================================ 2011/02/10 08:28:00.0890 2132 Scan finished 2011/02/10 08:28:00.0890 2132 ================================================================================
  4. Thank you for the timely response. I just finished the steps you listed. For the first time, my computer did not produce the Win32 Generic Host Error. Also, Windows updated itself which it has not been doing since the infection. As a side note, I have been using Google Chrome since some of the first symptoms of the infection started showing up, although I had been using Firefox primarily before. I'm not sure if that's important. TDSS Log:
  5. I am having very similar problems to other posts I have read here. I will get redirected when trying to view Google search results and always receive a "Win32 generic host process has encountered a problem and needs to close" error when I first log in to my computer. Also, I have been blocked from certain websites, such as download.microsoft.com and even the Malwarebytes website. In order to resolve my problems, I ran a trial version of McAfee as well as PC Tools Security's Spyware Doctor, which both managed to find trojans that they removed. Then, I tried the steps here: http://forums.malwarebytes.org/lofiversion...php?t65233.html (uninstalled Adobe Reader, uninstalled/cleaned up Java, ran ComboFix). After running ComboFix, which detected a rootkit, my situation improved in that I was no longer blocked from any websites, but I am still being redirected from Google search results and still having the Win32 error. I then followed the steps on the sticky thread "I'm infected - What do I do now?" (installed/ran Avira AntiVir, installed/ran Malwarebytes' Anti-Malware, ran DeFogger, ran DDS, ran GMER).
Here are all of my log files:
DDS.txt
Attach.zip